1. Product Overview
| Product Name | Torah Vision AI |
|---|---|
| Model | TORAH VISION AI |
| Product Code | B1ABXA1 |
| Version | v1.0.0 |
| Classification | Medical Device Software (SaMD) |
| Manufacturer | Torah |
| Analysis Method | Deep Learning (ResNet50) based Medical Image Analysis |
Torah Vision AI is an AI-powered automated analysis system for chest X-ray and radiology images. It is designed to assist medical professionals in image interpretation and supports four languages (Korean, English, Japanese, Chinese).
2. Intended Use & Scope
2.1 Intended Use
This medical device provides AI analysis results for chest X-ray and radiology/CT medical images across the following 15 finding classes.
Aortic Enlargement
Atelectasis
Calcification
Cardiomegaly
Consolidation
ILD
Infiltration
Lung Opacity
No Finding
Nodule/Mass
Other Lesion
Pleural Effusion
Pleural Thickening
Pneumothorax
Pulmonary Fibrosis
2.2 Intended Users
- Medical Professionals: Radiologists, clinicians, radiologic technologists, and other qualified personnel licensed to interpret medical images.
- System Administrators: IT staff and system operators at medical institutions.
2.3 Scope
- Supported file formats:
DICOM (.dcm),PNG,JPEG,TIFF - Maximum file size: 100 MB
- Supported region: Chest X-ray (primary)
3. Warnings & Precautions
⚠️ IMPORTANT — Diagnostic Aid Only
Torah Vision AI is a tool that assists medical professionals in image interpretation and does not replace final diagnosis. AI analysis results are for reference only. All clinical decisions must be made by qualified medical professionals based on a comprehensive consideration of the patient's clinical information, medical history, and additional tests.
Precautions
- AI analysis is not 100% accurate. False positives and false negatives can occur.
- Low-quality, rotated, or improperly exposed images may degrade analysis accuracy.
- Pediatric/neonatal images and non-chest regions may fall outside the training data scope.
- Do not communicate diagnoses or prescribe treatment based on AI results alone.
4. System Requirements
4.1 Server Specifications
| OS | Ubuntu 18.04 or later (or equivalent Linux) |
|---|---|
| Database | MariaDB 10.6 or later |
| Memory | 8 GB or more (16 GB recommended) |
| Storage | 120 GB or more |
| GPU (Optional) | NVIDIA CUDA 12.1 compatible GPU (faster analysis) |
| Network | HTTPS-capable environment (TLS 1.2 or later) |
4.2 Client Specifications
| OS | Windows 10 or later, macOS Monterey or later |
|---|---|
| Web Browser | Google Chrome (recommended), Microsoft Edge, Safari (latest version) |
| CPU | Intel i3 or equivalent |
| Memory | 8 GB or more |
| Network | 100 Mbps or higher |
5. Account Management
5.1 Account Provisioning
- The administrator creates a new user and issues an initial password.
- Alternatively, users can register on the sign-up page (requires admin approval).
- On first login, the system guides the user to the password change screen.
- After setting a new password, the user can begin normal use.
5.2 Password Policy
- Minimum 8 characters
- Must include uppercase, lowercase, number, and special character
- Recommended change every 6 months (180 days) (warning 30 days before expiry)
- 30-minute automatic lockout after 5 failed login attempts
5.3 Concurrent Session Control
When the same account attempts to log in from a different location, the system asks for confirmation before terminating the existing session. If this was not initiated by you, change your password immediately.
6. Image Analysis Workflow
- Login: On the main page (
/), log in with your username and password. - Upload Image: Drag-and-drop or select a DICOM/PNG/JPEG/TIFF file in the upload area on the main screen.
- Start Analysis: Click [Start AI Analysis]. 1 point will be deducted (administrators have unlimited usage).
- Monitor Progress: Track the 4-step processing in real time on the progress page (image preprocessing → classification → similar region search → integrated result).
- Review Results: On the integrated results page, review per-class probabilities, Grad-CAM activation maps, bounding boxes, similar cases, and medical advice.
- View History: Use the [Analysis History] menu on the left to re-query past results.
6.1 DICOM Viewer
To browse a DICOM CD-ROM or DICOM directory directly, use the [CD-ROM Viewer] menu. Patient information, study date, and body part can be reviewed together.
7. Interpreting Results
7.1 Results Screen Components
- Final Analysis Result: The class with the highest probability and its confidence (%)
- Grad-CAM Heatmap: Visualization of regions the AI focused on (red = stronger focus)
- Bounding Boxes: Locations of detected findings (with coordinates and confidence)
- Similar Cases: Automatic search for similar images in the training dataset
- Medical Advice: General medical information for the finding (reference only)
7.2 Confidence Interpretation
| Confidence | Interpretation |
|---|---|
| ≥ 90% | Very high model certainty. Specialist confirmation still required. |
| 70–90% | Significant likelihood. Recommend additional tests or comparison images. |
| 50–70% | Borderline. Prioritize specialist interpretation. |
| < 50% | Reference level only. Do not use for clinical decisions. |
8. Administrator Features
Users with administrator privileges can manage the entire system from the /admin page.
| Menu | Functionality |
|---|---|
| Dashboard | User statistics, analysis counts, recent activity summary |
| User Management | Create accounts, reset passwords, approve/reject, change roles, grant points |
| System Settings | Initial points for new members, subscription policies, etc. |
| Security Settings | Password policy, session timeout, login notice message (RA-04) |
| Medical Advice | Edit medical advice for 15 classes in 4 languages |
| Announcements | Create/edit/delete system-wide announcements |
| Translations | Manage UI text translations |
| Login History | View all login attempt history (IA-07) |
| Audit Logs | Full security event audit trail (UC-04, TRE-01) — CSV export available |
9. Security Guide (Required)
Antivirus Installation Mandatory (SI-02)
Antivirus software is mandatory on all servers and client PCs running this medical device. Do not operate this medical device in an environment without antivirus protection.
- Linux server: ClamAV or equivalent
- Windows client: Windows Defender or equivalent
- Signature database must be set to auto-update daily
- Full scan recommended at least weekly
9.1 Security Function Verification (SI-03)
The administrator must verify quarterly that the following security functions operate correctly.
- 5-failed-login 30-minute auto lockout
- Password strength enforcement (8+ chars + upper + lower + digit + special)
- 30-minute session inactivity auto-logout
- HTTPS enforcement (http:// → https:// auto redirect)
- Upload an EICAR test file to verify antivirus blocking
- Confirm security events are recorded in audit logs (
/admin/activity-logs)
9.2 Communication Security (SI-01)
- All external connections are encrypted with HTTPS (TLS 1.2 or later).
- HTTP requests are automatically redirected to HTTPS.
- Use certificates issued by trusted CAs (e.g., Let's Encrypt).
9.3 Data Security (DC-01, DC-02)
- Passwords are stored as SHA-256 hash + salt; never in plain text.
- At-rest encryption (AES-256) for the MariaDB data directory is recommended.
- Patient Health Information (PHI) should be masked or stored in separately encrypted columns.
- Audit logs are admin-only and have no edit/delete API (TRE-01).
9.4 Backup (RA-02)
- DB backup: daily at 02:00 (mariadb-dump → GPG encryption)
- Image backup: daily at 03:00
- Result backup: weekly on Sunday at 04:00
- Backups older than 30 days are auto-cleaned
- Quarterly recovery drills recommended
9.5 Software Update (SI-08, SI-09)
- Always perform a DB backup before updating.
- Only apply GPG-signed verified packages from the manufacturer (
git verify-tag). - Run the migration script (
python database_init.py) and confirm normal operation. - If an update fails, roll back to the previous version immediately.
10. Troubleshooting
| Symptom | Resolution |
|---|---|
| Cannot log in ("Invalid username or password") | Recheck username/password. After 5 failures, the account is locked for 30 minutes — ask admin to unlock. |
| "Password Change Required" screen after login | Initial password or expired password. Set a new password to continue. |
| "File format not allowed" on upload | Only DICOM/PNG/JPEG/TIFF allowed. Magic byte verification blocks spoofed extensions (SI-05). |
| Analysis does not proceed | Check remaining points. Ask admin to recharge if 0. |
| "Logged in from another location" alert | Normal if you logged in elsewhere. If not, change your password immediately. |
| Session expires too often | 30-minute idle auto-expiry is normal. Admin can adjust timeout in Security Settings. |
11. Support & Contact
Contact via QR Code
Scan with your smartphone camera to open your mail app automatically.
master@to-rah.com
Contact Information
| Technical Support | master@to-rah.com |
|---|---|
| Security Issues | security@to-rah.com |
| Website | https://cxr.to-rah.com |
| Manufacturer | Torah |
Quick Inquiry
Fill out the form below to send an email to master@to-rah.com.
Document Version
- Product Version: Torah Vision AI v1.0.0
- Manual Version: 1.0.0
- Last Updated: 2026-05-26